--- title: List scanned assets metadata description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Security Monitoring --- # List scanned assets metadata{% #list-scanned-assets-metadata %} Copy pageCopied {% tab title="v2" %} **Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9). | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/scanned-assets-metadata | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/scanned-assets-metadata | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/security/scanned-assets-metadata | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/security/scanned-assets-metadata | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/security/scanned-assets-metadata | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/scanned-assets-metadata | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/scanned-assets-metadata | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/scanned-assets-metadata | ### Overview Get a list of security scanned assets metadata for an organization. ### Pagination{% #pagination %} For the "List Vulnerabilities" endpoint, see the Pagination section. ### Filtering{% #filtering %} For the "List Vulnerabilities" endpoint, see the Filtering section. ### Metadata{% #metadata %} For the "List Vulnerabilities" endpoint, see the Metadata section. ### Related endpoints{% #related-endpoints %} This endpoint returns additional metadata for cloud resources that is not available from the standard resource endpoints. To access a richer dataset, call this endpoint together with the relevant resource endpoint(s) and merge (join) their results using the resource identifier. **Hosts** To enrich host data, join the response from the [Hosts](https://docs.datadoghq.com/api/latest/hosts.md) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields: | ENDPOINT | JOIN KEY | TYPE | | --------------------------------------------------------------- | -------------------------- | ------ | | [/api/v1/hosts](https://docs.datadoghq.com/api/latest/hosts.md) | host_list.host_name | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string | **Host Images** To enrich host image data, join the response from the [Hosts](https://docs.datadoghq.com/api/latest/hosts.md) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields: | ENDPOINT | JOIN KEY | TYPE | | --------------------------------------------------------------- | -------------------------------------------------------- | ------ | | [/api/v1/hosts](https://docs.datadoghq.com/api/latest/hosts.md) | host_list.tags_by_source["Amazon Web Services"]["image"] | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string | **Container Images** To enrich container image data, join the response from the [Container Images](https://docs.datadoghq.com/api/latest/container-images.md) endpoint with the response from the scanned-assets-metadata endpoint on the following key fields: | ENDPOINT | JOIN KEY | TYPE | | ------------------------------------------------------------------------------------- | ---------------------------------------------------- | ------ | | [/api/v2/container_images](https://docs.datadoghq.com/api/latest/container-images.md) | `data.attributes.name`@`data.attributes.repo_digest` | string | | /api/v2/security/scanned-assets-metadata | data.attributes.asset.name | string | This endpoint requires the `appsec_vm_read` permission. ### Arguments #### Query Strings | Name | Type | Description | | --------------------------- | ------- | ----------------------------------------------------------------------------------------------------------- | | page[token] | string | Its value must come from the `links` section of the response of the first request. Do not manually edit it. | | page[number] | integer | The page number to be retrieved. It should be equal to or greater than 1. | | filter[asset.type] | enum | The type of the scanned asset. Allowed enum values: `Host, HostImage, Image` | | filter[asset.name] | string | The name of the scanned asset. | | filter[last_success.origin] | string | The origin of last success scan. | | filter[last_success.env] | string | The environment of last success scan. | ### Response {% tab title="200" %} OK {% tab title="Model" %} The expected response schema when listing scanned assets metadata. | Parent field | Field | Type | Description | | ------------ | ----------------------------------------- | -------- | -------------------------------------------------------------------------- | | | data [*required*] | [object] | List of scanned assets metadata. | | data | attributes [*required*] | object | The attributes of a scanned asset metadata. | | attributes | asset [*required*] | object | The asset of a scanned asset metadata. | | asset | name [*required*] | string | The name of the asset. | | asset | type [*required*] | enum | The cloud asset type Allowed enum values: `Host,HostImage,Image` | | attributes | first_success_timestamp [*required*] | string | The timestamp when the scan of the asset was performed for the first time. | | attributes | last_success [*required*] | object | Metadata for the last successful scan of an asset. | | last_success | env | string | The environment of the last success scan of the asset. | | last_success | origin | [string] | The list of origins of the last success scan of the asset. | | last_success | timestamp [*required*] | string | The timestamp of the last success scan of the asset. | | data | id [*required*] | string | The ID of the scanned asset metadata. | | | links | object | The JSON:API links related to pagination. | | links | first [*required*] | string | First page link. | | links | last [*required*] | string | Last page link. | | links | next | string | Next page link. | | links | previous | string | Previous page link. | | links | self [*required*] | string | Request link. | | | meta | object | The metadata related to this request. | | meta | count [*required*] | int64 | Number of entities included in the response. | | meta | token [*required*] | string | The token that identifies the request. | | meta | total [*required*] | int64 | Total number of entities across all pages. | {% /tab %} {% tab title="Example" %} ```json { "data": [ { "attributes": { "asset": { "name": "i-0fc7edef1ab26d7ef", "type": "Host" }, "first_success_timestamp": "2025-07-08T07:24:53Z", "last_success": { "env": "prod", "origin": [ "production" ], "timestamp": "2025-07-08T07:24:53Z" } }, "id": "Host|i-0fc7edef1ab26d7ef" } ], "links": { "first": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=1\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "last": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=15\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "next": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=16\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "previous": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Bnumber%5D=14\u0026page%5Btoken%5D=b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "self": "https://api.datadoghq.com/api/v2/security/vulnerabilities?filter%5Btool%5D=Infra" }, "meta": { "count": 150, "token": "b82cef018aab81ed1d4bb4xb35xxfc065da7efa685fbcecdbd338f3015e3afabbbfa3a911b4984_721ee28a-zecb-4e45-9960-c42065b574f4", "total": 152431 } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad request: The server cannot process the request due to invalid syntax in the request. {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Forbidden: Access denied {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not found: asset not found {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/security/scanned-assets-metadata" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" ##### ```python """ List scanned assets metadata returns "OK" response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi configuration = Configuration() configuration.unstable_operations["list_scanned_assets_metadata"] = True with ApiClient(configuration) as api_client: api_instance = SecurityMonitoringApi(api_client) response = api_instance.list_scanned_assets_metadata() print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # List scanned assets metadata returns "OK" response require "datadog_api_client" DatadogAPIClient.configure do |config| config.unstable_operations["v2.list_scanned_assets_metadata".to_sym] = true end api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new p api_instance.list_scanned_assets_metadata() ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // List scanned assets metadata returns "OK" response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() configuration.SetUnstableOperationEnabled("v2.ListScannedAssetsMetadata", true) apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewSecurityMonitoringApi(apiClient) resp, r, err := api.ListScannedAssetsMetadata(ctx, *datadogV2.NewListScannedAssetsMetadataOptionalParameters()) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.ListScannedAssetsMetadata`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.ListScannedAssetsMetadata`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // List scanned assets metadata returns "OK" response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.SecurityMonitoringApi; import com.datadog.api.client.v2.model.ScannedAssetsMetadata; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); defaultClient.setUnstableOperationEnabled("v2.listScannedAssetsMetadata", true); SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient); try { ScannedAssetsMetadata result = apiInstance.listScannedAssetsMetadata(); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling SecurityMonitoringApi#listScannedAssetsMetadata"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // List scanned assets metadata returns "OK" response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_security_monitoring::ListScannedAssetsMetadataOptionalParams; use datadog_api_client::datadogV2::api_security_monitoring::SecurityMonitoringAPI; #[tokio::main] async fn main() { let mut configuration = datadog::Configuration::new(); configuration.set_unstable_operation_enabled("v2.ListScannedAssetsMetadata", true); let api = SecurityMonitoringAPI::with_config(configuration); let resp = api .list_scanned_assets_metadata(ListScannedAssetsMetadataOptionalParams::default()) .await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * List scanned assets metadata returns "OK" response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); configuration.unstableOperations["v2.listScannedAssetsMetadata"] = true; const apiInstance = new v2.SecurityMonitoringApi(configuration); apiInstance .listScannedAssetsMetadata() .then((data: v2.ScannedAssetsMetadata) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}